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NEWS ( /news ) 



(https:/ /dlic4altzx8ue g x[oudfront.net/finder-us /w p-uploads/2018/02/Tesla-lar ge.i pg). 


Private company data was exposed in the hack and crpyto mining 
CPU usage kept low to avoid detection. 

New research has revealed that American electric energy car manufacturer Tesla fell victim to 
“cryptojacking”. 

In a blog post fhttps:/ /blo g .redlock.io /crvptoi ackin g -tesla ) this week, RedLock Cloud Security Intelligence (CSI) team 
revealed that it had found hundreds of Kubernetes administration consoles that were accessible over the 
internet without any password protection. 

One of these compromised Kubernetes (https:/ /kubernetes.io /) pods - an open-source system for automating 
deployment, scaling and management of containerized applications - was on Tesla’s cloud account, 
exposing private company data. 

“Within one Kubernetes pod, access credentials were exposed to Tesla’s AWS environment which contained 

FppHhnrk 

i. S3 (Amazon Simple Storage Service) bucket that had sensitive data such as telemetry,” RedLock 

said. 
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Besides the data breach, Red Lock’s CSI team said that hackers were illegally minin g crv ptocurrenc v 

(https:/ /www.finder.conn/bitcoin-nninin g). 

The team noted that unlike other crypto mining incidents, the hackers did not use a well known public 
“mining pool” in this attack, making it difficult for standard threat intelligence feeds to detect the malicious 
activity. 

“The hackers also hid the true IP address of the mining pool server behind CloudFlare, a free content delivery 
network service. The hackers use a new IP address on-demand by registering for free services,” RedLock said. 

“This makes IP address based detection of crypto mining activity even more challenging.” 

The CPU usage levels used in the “cryptojacking” incident were also kept low, to assist in avoiding detection. 

The RedLock CSI team immediately reported the incident to Tesla and the issue was quickly rectified. 

In an email to Gizmodo ( htt ps://g izmodo.com/teslas-cloud-hacked-used-to-mine-cr v ptocurrencv-1823155247 ) a 

spokesperson for Tesla confirmed the hack but said its impact was “limited” in scale. 

“We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability 
within hours of learning about it,” the Tesla spokesperson said. “The impact seems to be limited to internally- 
used engineering test cars only, and our initial investigation found no indication that customer privacy or 
vehicle safety or security was compromised in any way.” 

The breach involving Tesla is the latest in illicit cloud account access. Other instances involve Aviva, a British 
multinational insurance company, and Gemalto, the world’s largest manufacturer of SIM cards. 

Researchers are also reporting that cryptocurrency malware is rendering some companies unable to operate. 

You can learn all about different exchan ges (https:/ /www.finder.com /crv ptocurrenc v /exchan ges). understand exactly 
how to bu v and sell cr v ptocurrencies ( https:/ /www.finder.com /crv ptocurrenc v). calculate vour taxes 
(https:/ /www.finder.cem/calculate-taxes-cr v pte-prpfits ). discover dig ital wallets ( https:/ /www.finder.com /crv ptocurrenc v /wallets ) 
to hold assets and explore a list of all the alternative coins (https:/ /www.finder.com /crv ptPcurrenc v /altcoins#a-z ) on the 
market. 


This information should not be interpreted as an endorsement of cryptocurrency or any specific 
provider, service or offering. It is not a recommendation to trade. Cryptocurrencies are speculative, 
complex and involve significant risks - they are highly volatile and sensitive to secondary activity. 
Performance is unpredictable and past performance is no guarantee of future performance. Consider 
your own circumstances, and obtain your own advice, before relying on this information. You should 
also verify the nature of any product or service (including its legal status and relevant regulatory 

lents) and consult the relevant Regulators' websites before making any decision. Finder, or the 
author, may have holdings in the cryptocurrencies discussed. 


https://www.finder.com/teslas-cloud-was-hacked-for-crypto-nnining 


2/4 





























3/13/2018 


Tesla's cloud was hacked for crypto mining | finder.com 


Latest cryptocurrency news 


Institutional investors about to get a chance to trade Ether 

(https://www.finder.conn/institutional-investors-about-to-get-a-chance-to-trade-ether) 

Blockchain gets vote of confidence to verify elections 

(https://www.finder.com/blockchain-gets-vote-of-confidence-to-verify-elections) 

Another Congressional hearing slated to talk cryptocurrency, ICOs 

(https://www.finder.com/another-congressional-hearing-slated-to-talk-cryptocurrency-icos) 


China developing a digital currency: report( htt P s: // www - finder - corn / china - devel °P in g- a - di g ita| - currenc y- re P ort ) 


The first ever credit card to reward users with bitcoin and Ethereum 

(https://www.finder.com/credit-card-to-reward-bitcoin-and-ethereum) 

Picture: Shutterstock 
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(https:/ /www.finder.com/uber-reveals-data- 


hack-of-57-miUions-users ) 


Uber reveals data hack of 57 millions users 

(https:/ /www.finder.com/uber-reveals-data-hack-of-57- 

miiiions-users ) 

The new CEO of Uber is stepping up and... 



(https:/ /www.finder.com/bitcoin-minin g) 


Bitcoin minin g : Can I make money doin g it? 

(https:/ /www.finder.com/bitcoin-minin g) 

Bitcoin mining is the process by which new... 



(https:/ /www.finder.com /crv pto-exchan ge- 
binance-temporarilv-disables-withdrawals ) 


Cry pto exchan g e Binance temporarily disables 
withdrawals ( htt ps:/ /www.finder.com /cry pto-exchan ge- 
binance-temporariiv-disables-withdrawals ) 

The company is investigating reports of users... 
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The cheapest countries for bitcoin minin g 

(https:/ /www.finder.com/the-cheapest-countries-for- 

bitcoin-minin g) 

The study analyzed the cost to mine one... 



(https:/ /www.finder.com/forever-21-discovers- 


pa vments-card-breach ) 


Forever 21 discovers pa yments card breach 

(https:/ /www.finder.com/forever-21-discovers- pa vments- 

card-breach ) 

The number of people and payment cards... 
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